System Updates

Make sure you have the latest Windows and other Microsoft updates installed. Security researchers uncover new vulnerabilities in Windows components almost weekly, so make sure automatic updates is on, or visit Windows Update regularly. Also make sure you have the latest Service Pack installed - XP SP3, Vista SP2, Win7 SP1 and Windows 8.1. Viruses and worms can take advantage of vulnerabilities in Windows components to infect your system if you aren't up to date. Even if you use a pirated version of Windows, you can still turn on automatic updates.

XP, Vista and Windows 7 / 8 all come with Windows Update, but you can opt-in to use Microsoft Update which is essentially Windows Update with additional updates for other MS software (Office, Visual Studio, etc). I recommend you enable this by going to Windows Update and following the links to Microsoft Update.

Anti-Virus

I'm not a big fan of anti-virus software since it tends to lag behind the viruses in detection and can cause performance and compatibility problems, but it helps a little bit. Microsoft's own Security Essentials is actually pretty decent and is free, which is about the price most people are willing to pay. Again, make sure you let it auto-update, an out of date anti-virus is useless. Modern viruses are becoming extremely difficult to detect and remove, so it's important to follow all the steps in this guide to try to avoid becoming infected in the first place. As of 2013, BitDefender has become a pretty decent anti-virus software, also available in a free version.

Firewall

Windows firewall is all you need. Most of you will be behind a NAT router which prevents incoming connections to your PC anyway without port forwarding, but as IPv6 uptake in the near future takes off, NAT will slowly die and your PC will have a public IP address. Windows firewall simply stops programs from accepting connections from the Internet unless you allow them, so if there are vulnerabilities in any networked programs, worms and viruses can't exploit them.

Some of you may think you need a more advanced 3rd party firewall that blocks programs from initiating connections, but if you need this then you've already failed. If a program you don't trust is already executing code on your PC then you lost the battle to begin with. Also 3rd party firewalls themselves can expose your system to risk, there is a long history of firewall software that contains exploitable vulnerabilities, as well as bad coding which can cripple your PC performance or cause random crashes, network issues or similar errors.

DEP (Data Execution Prevention)

DEP (or NX as it's sometimes called) prevents computer code from executing from areas of memory that are marked as containing only data. This has been around on modern CPUs for a while but by default Windows will only apply DEP to Windows programs and services. Since web browsers, plugins, IM clients, etc are all common vectors for viruses and malware, it is a very good idea to have DEP apply to all programs as it mitigates a large number of attacks. That WMF exploit that infected people just by visiting a website? Blocked by DEP. That Warcraft 3 custom map exploit? Blocked by DEP. Those are just two examples I've personally tested. It's a great preventive measure that everyone should have enabled.

To enable DEP (procedure might be slightly different for Vista / Windows 7), right click My Computer, Properties, Advanced, Performance, Settings, Data Execution Prevention, and tick "Turn on DEP for all programs and services". Contrary to some reports, enabling DEP will not slow down your PC.

There may be old programs that rely on executing code from data memory that have not been updated for DEP compatibility. If you encounter a DEP violation, you will see a popup saying "To help protect your computer, Windows has closed this program". From that dialog you can add an exception, but only do this if you are sure the program is at fault (eg, by repeatedly being able to cause the DEP error yourself). If you are browsing the web and suddenly get a DEP violation, chances are something just tried to exploit your browser or a plugin so you would definitely not want to add an exception!

3rd party addons to programs can also cause DEP violations, eg if after enabling DEP you find your browser immediately exits with a DEP error, try disabling any plugins / addons or make sure they are all up to date. Windows Explorer also loads addons (shell extensions), so if you find Explorer is exiting with DEP violations and you feel comfortable with advanced tools, you can use AutoRuns to list your shell extensions and disable any problematic ones.

Despite the two paragraphs of compatibility warnings, 99.9% of you will have zero issues after enabling DEP, so don't be afraid.

Enhanced Mitigation Experience Toolkit

Despite the long and scary looking name, EMET is a great piece of software. It's a free toolkit from Microsoft that allows you to apply advanced security techniques to any piece of software on your system. You can download it at http://technet.microsoft.com/en-us/security/jj653751. After you install it, run it and set the following System Options: DEP: Application Opt-Out, SEHOP: Application Opt-Out and ASLR: Application Opt-In. This will allow applications that support it to make use of advanced methods to hinder malware.

The part where EMET shines is it also allows you to force otherwise unsupported applications into using these advanced technologies. In the Configure Apps page, you can add an application and choose which protections to apply (leave them all on by default for most apps). I strongly recommend you add all your web browsers and other commonly targeted software such as VOIP / IM clients, PDF readers, etc. This will greatly reduce the risk of "zero day" (unpatched) exploits from affecting you. Note, if you use Firefox, also add "Plugin-Container.exe" to the list as this program houses Adobe Flash and other external plugins. You do not need to have EMET running for the protections to apply, they are loaded automatically once they are set.

Software Updates

Every piece of software on your PC that interacts with the Internet or files could be a possible vector for virus / worm exploitation. It's very important you keep all your programs up to date as exploits are discovered for common products surprisingly often. I recommend using the Secunia Personal scanner which will scan your entire PC for any programs that might allow your system to be compromised. You'll be surprised what it finds. The latest version can even auto-install updates for you if you're lazy.

Adobe software in particular seems to have a very poor history - Adobe Flash, Adobe Reader, Adobe Air have all had exploits that could allow your system to be compromised by visiting a webpage. Worse still, many of these products don't auto update so you have to rely on 3rd party assistance (Secunia PSI) or do it manually.

Browsers and Plugins

Since web exploits are the number one vector for malware, it's important to use a secure web browser. I strongly recommend Google Chrome as it has powerful sandboxing and isolation technologies to help prevent web-based malware from infecting your system. Firefox is OK, but it isn't as good as it used to be and Internet Explorer should really be a last resort. Chrome also has an excellent background automatic update system which is very important, an out of date browser is likely vulnerable to exploits.

Browsers are often extended with plugins, which while providing features like PDF viewing and streaming, also expose you to additional risk as a security vulnerability in a plugin can allow malware to exploit it and infect your PC. Many plugins do not auto update which makes managing your plugins quite important. Don't need to read PDF files in your browser? Disable Adobe PDF plugin so PDF files can't auto-load. Finished watching some stream that required a browser addon? Disable that addon. Installed a plugin from some strange Asian game that you're done playing? Now go and disable it. If you use Firefox or Chrome, you can do a very basic plugin check here: http://www.mozilla.com/en-US/plugincheck/.

To disable plugins in IE (you should do this even if IE isn't your main browser), go to Options -> Manage Addons.

To disable plugins in Firefox, go to Addons -> Plugins.

To disable plugins in Chrome, go to chrome:plugins in the address bar.

To disable plugins in Opera, go to opera:plugins in the address bar.

Java

Java is often installed for some other purpose such as running a program, but it also installs a browser plugin. These days, very few sites use the Java plugin so it's a good idea to disable it for extra security. As of 2013, Java has suffered from multiple major security issues that can result in drive-by malware installation, so if you do not use it (if you don't know, you most likely don't use it), I strongly suggest uninstalling Java or at the very least, removing the Java plugin from all of your browsers. JavaScript is entirely unrelated to the Java plugin and will continue to work fine.

Flash Player

Flash player installs multiple versions - one for IE, one for Chrome / Firefox / Opera. Make sure both of them are up to date by visiting this page and comparing your version to the latest released version. If out of date, download and install the latest one. Flash should automatically update, but it only checks on startup of your PC which if you leave your PC running 24/7, may not be often enough.

Password Re-use

One of the biggest threats to your online security is reusing passwords. When you use the same password in multiple places, any time one of those places is compromised, every other site where you use the same password is also compromised. What often happens is people re-use the same password at a forum or online store or similar, which is compromised by hackers, often exploiting old / insecure software running on the server. From there, they can download the entire user database, which often includes your email address. If you used the same password for your email account, then you're completely screwed - the hackers can log into your email, find every account you've signed up for, issue password resets, etc and completely compromise your online identity.

By cross-referencing usernames and emails, it's possible to exploit even further - if for example you're an admin on a forum and re-used the same password somewhere else which was stolen, hackers could compromise your admin account and then exploit your forum too, as admin accounts often provide elevated access that allows dumping the entire user database etc.

Unfortunately solving this issue is not so easy. You definitely won't be able to remember all your passwords, so the use of a password manager like KeePass or LastPass is strongly recommended. Any time you sign up for a site, create a unique password and store it in your password manager. This greatly mitigates the risk if one of the sites is compromised, which happens a lot more often than you may think - sometimes even without the site owner knowing.
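The chain described in the Password Re-use section, modelled as an added example (not part of the original post): it shows how far one site breach spreads through reused passwords and a shared mailbox. The export format, its column names and the sample accounts are constructed, and a leaked password is assumed to be recoverable from the stolen database.

```python
import csv
import hashlib
import io

# Constructed sample export; the column names are assumptions, not a real manager's format.
SAMPLE_VAULT = """site,email,password,is_mailbox
mail.example,alice@mail.example,hunter2,yes
forum.example,alice@mail.example,hunter2,no
shop.example,alice@mail.example,Tr0ub4dor&3,no
bank.example,alice@mail.example,c0rrect-horse,no
game.example,alice@other.example,hunter2,no
"""


def load_accounts(text):
    """Parse the export and replace each password with a digest for comparison."""
    accounts = []
    for row in csv.DictReader(io.StringIO(text)):
        accounts.append({
            "site": row["site"],
            "email": row["email"].lower(),
            "pw_id": hashlib.sha256(row["password"].encode()).hexdigest(),
            "is_mailbox": row["is_mailbox"].strip().lower() == "yes",
        })
    return accounts


def reuse_clusters(accounts):
    """Groups of sites that share one password."""
    groups = {}
    for acct in accounts:
        groups.setdefault(acct["pw_id"], []).append(acct["site"])
    return sorted(sorted(sites) for sites in groups.values() if len(sites) > 1)


def blast_radius(accounts, breached_site):
    """Sites exposed when breached_site loses its user database."""
    leaked = {a["pw_id"] for a in accounts if a["site"] == breached_site}
    if not leaked:
        raise KeyError(breached_site)
    # Step 1: the leaked password opens every account that shares it.
    exposed = {a["site"] for a in accounts if a["pw_id"] in leaked}
    while True:
        # Step 2: an exposed mailbox allows password resets on accounts registered to it.
        boxes = {a["email"] for a in accounts if a["is_mailbox"] and a["site"] in exposed}
        grown = exposed | {a["site"] for a in accounts if a["email"] in boxes}
        if grown == exposed:
            return sorted(exposed)
        exposed = grown
```

With the sample data, a breach of forum.example reaches all five accounts because the mailbox shares its password; giving the mailbox its own password limits the same breach to the two sites that still share one.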
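For the DEP and EMET sections of the guide, an added example (not from the original post): it reads the two PE header flags a program uses to opt in to DEP and ASLR, which shows which executables rely on the system-wide DEP setting or an EMET entry to get those protections. The function names are made up for this example and the sample header bytes are constructed.

```python
import struct
import sys

# IMAGE_DLLCHARACTERISTICS_* bits in the PE optional header.
DYNAMIC_BASE = 0x0040  # image opts in to ASLR
NX_COMPAT = 0x0100     # image opts in to DEP


def read_optins(data):
    """Return the mitigation opt-ins declared in a PE image's header (bytes)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)         # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = pe_off + 4
    if len(data) < coff + 20:
        raise ValueError("truncated COFF header")
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)  # SizeOfOptionalHeader
    opt = coff + 20
    if opt_size < 72 or len(data) < opt + 72:
        raise ValueError("optional header too short")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):                          # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    (chars,) = struct.unpack_from("<H", data, opt + 70)      # DllCharacteristics
    return {"64bit": magic == 0x20B,
            "nx_compat": bool(chars & NX_COMPAT),
            "dynamic_base": bool(chars & DYNAMIC_BASE)}


def missing_optins(info):
    """Mitigations the image does not request for itself."""
    missing = []
    # 64-bit processes always run with DEP, so the flag only matters for 32-bit images.
    if not info["64bit"] and not info["nx_compat"]:
        missing.append("DEP")
    if not info["dynamic_base"]:
        missing.append("ASLR")
    return missing


def build_sample(dll_characteristics, magic=0x10B):
    """Constructed minimal PE header for the demo; not a runnable program."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, 0x0102)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_characteristics)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    for path in sys.argv[1:]:                # e.g. python check.py browser.exe
        with open(path, "rb") as fh:
            gaps = missing_optins(read_optins(fh.read(4096)))
        print(path, "missing: " + ", ".join(gaps) if gaps else "opts in to DEP and ASLR")
```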

Awesome points, I was just helping my relatives with configuring their new crappy netbook, again though never fond of Windows Firewall. I'll just tell him to use it since he's not gonna use torrents or anything, except for simple web browsing (well, it is a netbook to begin with). As for the plugins, I think it's too much of a hassle and I don't think anyone is that paranoid.

"If I had to take a drug in order to be free, I'm screwed. Freedom exists in the mind, otherwise it doesn't exist."

Anti-Virus

I'm not a big fan of anti-virus software since it tends to lag behind the viruses in detection, but it helps a little bit. Microsoft's own Security Essentials is actually pretty decent and is free, which is about the price most people are willing to pay. Again, make sure you let it auto-update, an out of date anti-virus is useless. Modern viruses are becoming extremely difficult to detect and remove, so it's important to follow all the steps in this guide to try to avoid becoming infected in the first place.

Seriously? I really don't see a reason why you shouldn't use a free anti-virus software like Avira. It's small, doesn't hog system resources, and has a decently high detection rate. AND IT'S FREE!

If you do get your computer infected, I highly recommend using Malwarebytes. It's free and it's really effective.

Be aware that new PCs (netbooks too) often come preloaded with exploitable software, likely Adobe products. Disabling plugins you don't need / use isn't really paranoid, it helps to minimize the possible attack vector. I'm not trying to suggest you disable plugins every time you are done with them, just ones you don't use often. For example, I installed Octoshape or whatever it is to watch the WCG and some other random plugin to watch Blizzcon. Since those only happen once a year, I disable them after I'm done so the other 364 days of the year I'm not exposing myself should an exploit be developed for one of them.

Yea, been using Malwarebytes for a while.

edit: Totally forgot about Octoshape actually, used it once when WCG demanded it.

Last edit: 2010-01-09 08:51:35

On January 09 2010 17:46 madnessman wrote:
Seriously? I really don't see a reason why you shouldn't use a free anti-virus software like Avira. It's small, doesn't hog system resources, and has a decently high detection rate. AND IT'S FREE!

"Decently high" is not good enough these days. Unless it contains an advanced heuristic engine, basic signature definitions are not going to catch the type of malware that is floating around these days. Just two days ago I removed an infection on a friend's PC and uploaded the file for analysis, only 4 out of 41 anti virus products detected anything.

Another issue I have with AV software is the alarming rate of false positives, where legitimate software is mistakenly identified as a virus. As an example of how stupid this is, I modified the Windows XP Notepad to include a few extra imports and strings, there is ZERO change to any of the executable code and the file is completely safe to run. 15 virus scanners think it's a virus.

True. I was flipping through some PC mag's antivirus software review last week and the best anti virus (I can't remember its name) had a 99.5 detection rate and ~70% heuristic detection rate. It really pisses me off that I can't remember what its name is. It isn't one of the big ones (Norton, Kaspersky, etc) and it isn't free. Do you know which one I'm talking about?

I agree with virus scanners being too sensitive, unfortunately most of us or me stumble when something deep like a harmful rootkit hits your PC. Albeit it comes to just being careful about everything.

NOD32 had almost 100% detection rate on the boards, but that was a while ago.

I don't think I've ever wished my opponent good luck prior to a game. When I play, I play to win. I hope every opponent I ever have is cursed with fucking terrible luck. I hope they're stuck playing underneath a stepladder with a black cat in attendance a

To add another suggestion, I recommend the noscript addon for Firefox (http://noscript.net/). It blocks all javascript and flash by default, and lets you whitelist domains you trust as you visit them by clicking a button. That sounds really goddamn annoying, and it sort of is, at first, but after a day or two of browsing you'll have most of your trusted sites whitelisted. It's a good layer of protection when you visit sketchy sites, and it also blocks some shitty flash ads.